VYPR

npm package

node-tar

pkg:npm/node-tar

Vulnerabilities (1)

  • CVE-2024-28863Mar 21, 2024
    affected < 6.2.1fixed 6.2.1

    node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js cl